<?php
/**
 ***********************************************************************************************************************
 * 过滤非法字符
 ***********************************************************************************************************************
 */
namespace artisan;
/**
 * Class filter
 * @package artisan
 */
class filter
{
    /**
     * 过滤xss跨站脚本
     * @param $mixed
     * @return mixed
     */
    public static function xss($mixed, $is_image = false)
    {
        return \artisan\secure\xss::filter($mixed, $is_image);
    }

    //短信过滤使用
    public static  function textfilter($value)
    {
//        $ra=Array('/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/','/script[^.]+/','/javascript/','/vbscript/','/expression/','/applet/','/meta/','/xml/','/blink/','/link/','/style/','/embed/','/object/','/frame/','/layer/','/title/','/bgsound/','/base/','/onload/','/onunload/','/onchange/','/onsubmit/','/onreset/','/onselect/','/onblur/','/onfocus/','/onabort/','/onkeydown/','/onkeypress/','/onkeyup/','/onclick/','/ondblclick/','/onmousedown/','/onmousemove/','/onmouseout/','/onmouseover/','/onmouseup/','/onunload/','/<a[^.]+/');
        $ra=Array('/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/','/script[^.]+/','/javascript/','/vbscript/','/expression/','/applet/','/meta/','/xml/','/embed/','/object/','/frame/','/layer/','/onload/','/onunload/','/onchange/','/onsubmit/','/onreset/','/onselect/','/onblur/','/onfocus/','/onabort/','/onkeydown/','/onkeypress/','/onkeyup/','/onclick/','/ondblclick/','/onmousedown/','/onmousemove/','/onmouseout/','/onmouseover/','/onmouseup/','/onunload/','/<a[^.]+/');


        if(!get_magic_quotes_gpc())             //不对magic_quotes_gpc转义过的字符使用addslashes(),避免双重转义。
        {
            $value  = addslashes($value);           //给单引号（'）、双引号（"）、反斜线（\）与 NUL（NULL 字符）加上反斜线转义
        }
        preg_replace($ra,'',$value,-1,$count);     //删除非打印字符，粗暴式过滤xss可疑字符串
        $value= htmlentities(strip_tags($value)); //去除 HTML 和 PHP 标记并转换为 HTML 实体
		$value = str_replace('&hellip;','…',$value);
		$value = str_replace('&amp;','&',$value);
//        logDebug($value,'filter');
        $data=array('count'=>$count,'value'=>$value);
        
        return $data;
    }
    //快递圈使用
    public static  function filter($value)
    {
        $ra=Array('/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/','/script[^.]+/','/javascript/','/vbscript/','/expression/','/applet/','/meta/','/xml/','/blink/','/link/','/style/','/embed/','/object/','/frame/','/layer/','/title/','/bgsound/','/base/','/onload/','/onunload/','/onchange/','/onsubmit/','/onreset/','/onselect/','/onblur/','/onfocus/','/onabort/','/onkeydown/','/onkeypress/','/onkeyup/','/onclick/','/ondblclick/','/onmousedown/','/onmousemove/','/onmouseout/','/onmouseover/','/onmouseup/','/onunload/','/<a[^.]+/');


        if(!get_magic_quotes_gpc())             //不对magic_quotes_gpc转义过的字符使用addslashes(),避免双重转义。
        {
            $value  = addslashes($value);           //给单引号（'）、双引号（"）、反斜线（\）与 NUL（NULL 字符）加上反斜线转义
        }
        preg_replace($ra,'',$value,-1,$count);     //删除非打印字符，粗暴式过滤xss可疑字符串
//        $value= htmlentities(strip_tags($value)); //去除 HTML 和 PHP 标记并转换为 HTML 实体
        $value = str_replace('&hellip;','…',$value);
        $data=array('count'=>$count,'value'=>$value);

        return $data;
    }

}